|
Family: Databases --> Category: infos
DB2 < 8.1 Fixpack 12 Vulnerability Scan
Vulnerability Scan Summary Checks DB2 signature
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote database server is affected by a denial of service issue.
Description :
According to its version, the installation of DB2 on the remote host
may crash when it attempts to process a specially-crafted CONNECT or
ATTACH request sent during the initial handshake process. An
unauthenticated remote attacker can leverage this issue to overflow a
buffer and crash the database instance, thereby denying service to
legitimate users.
See also :
http://archives.neohapsis.com/archives/bugtraq/2006-09/0060.html
http://www-1.ibm.com/support/docview.wss?uid=swg24012305
Solution :
Apply DB2 UDB Version 8.1 FixPak 12 or later.
Threat Level:
Low / CVSS Base Score : 2.3
(AV:R/AC:L/Au:NR/C:N/I:N/A:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|